From e2fa530e9859f8db7fb9c209a331d89832afc174 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Leo=20=C3=98rsnes?= <zeekooster@gmail.com>
Date: Tue, 29 Mar 2022 14:10:53 +0200
Subject: [PATCH] Safeguard document.cookie

In sandbox mode (iframes) even trying to read from document.cookie will throw an error
---
 src/index.js | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/index.js b/src/index.js
index 3f565b8..cd1dda6 100644
--- a/src/index.js
+++ b/src/index.js
@@ -173,8 +173,13 @@ export default (function create(/** @type {Options} */ defaults) {
 			customHeaders['content-type'] = 'application/json';
 		}
 
-		const m =
-			typeof document !== 'undefined' && document.cookie.match(RegExp('(^|; )' + options.xsrfCookieName + '=([^;]*)'));
+		let m;
+
+		try {
+			m =
+				typeof document !== 'undefined' &&
+				document.cookie.match(RegExp('(^|; )' + options.xsrfCookieName + '=([^;]*)'));
+		} catch (e) {}
 		if (m) customHeaders[options.xsrfHeaderName] = decodeURIComponent(m[2]);
 
 		if (options.auth) {